[dpdk-dev] [PATCH v2] metrics: fix potential missing NULL termination

Remy Horton remy.horton at intel.com
Tue Feb 20 17:05:59 CET 2018


Fixes a potential memory overrun detected by Coverity.
This overrun cannot currently happen in practice because
rte_metrics_reg_names() explicitly forces the last name
character to be a NULL terminator. This patch adds the
same enforcement to rte_metrics_get_names() in order to
correct the warning, as well as using snprintf instead
of strncpy to copy name strings.

Coverity issue: 143434
Fixes: 349950ddb9c5 ("metrics: add information metrics library")
Fixes: 710cab6f675a ("metrics: fix out of bound access")

Signed-off-by: Remy Horton <remy.horton at intel.com>

--
Changes in v2
* Replace strncpy with snprintf
---
 lib/librte_metrics/rte_metrics.c | 12 +++++-------
 1 file changed, 5 insertions(+), 7 deletions(-)

diff --git a/lib/librte_metrics/rte_metrics.c b/lib/librte_metrics/rte_metrics.c
index 556ae1b..b0f5450 100644
--- a/lib/librte_metrics/rte_metrics.c
+++ b/lib/librte_metrics/rte_metrics.c
@@ -113,10 +113,8 @@ rte_metrics_reg_names(const char * const *names, uint16_t cnt_names)
 
 	for (idx_name = 0; idx_name < cnt_names; idx_name++) {
 		entry = &stats->metadata[idx_name + stats->cnt_stats];
-		strncpy(entry->name, names[idx_name],
-			RTE_METRICS_MAX_NAME_LEN);
-		/* Enforce NULL-termination */
-		entry->name[RTE_METRICS_MAX_NAME_LEN - 1] = '\0';
+		snprintf(entry->name, RTE_METRICS_MAX_NAME_LEN,
+			"%s", names[idx_name]);
 		memset(entry->value, 0, sizeof(entry->value));
 		entry->idx_next_stat = idx_name + stats->cnt_stats + 1;
 	}
@@ -215,9 +213,9 @@ rte_metrics_get_names(struct rte_metric_name *names,
 			return return_value;
 		}
 		for (idx_name = 0; idx_name < stats->cnt_stats; idx_name++)
-			strncpy(names[idx_name].name,
-				stats->metadata[idx_name].name,
-				RTE_METRICS_MAX_NAME_LEN);
+			snprintf(names[idx_name].name,
+				RTE_METRICS_MAX_NAME_LEN,
+				"%s", stats->metadata[idx_name].name);
 	}
 	return_value = stats->cnt_stats;
 	rte_spinlock_unlock(&stats->lock);
-- 
2.9.5



More information about the dev mailing list